In a significant security lapse, over 2.3 million customers of Advance Auto Parts, a leading retailer in the automotive industry, have had their personal information exposed. The breach, which came to light during a May offensive targeting Snowflake’s data storage clients, resulted in the unauthorized disclosure of names, Social Security numbers, identification numbers, and birth dates.
The company, which was among roughly 160 entities affected by the cyberattacks on Snowflake users, has confirmed the breach. A hacker’s claim of possessing a database with details on 380 million customers was partially verified for authenticity. In response, Advance Auto Parts has initiated a thorough investigation with external cybersecurity experts.
The breach, which spanned from mid-April to late May 2024, was discovered by the company in late May. Following a comprehensive review that concluded in early June, affected individuals have been offered a year’s worth of identity protection services.
This incident is part of a broader pattern of breaches impacting various Snowflake clients, including prominent educational institutions, retail giants, and financial services. Investigations have clarified that Snowflake’s platform was not compromised; instead, specific user accounts were targeted through malware that captured login details.
Cybersecurity professionals are raising alarms about the increasing trend of cybercriminals amassing and selling stolen credentials in large quantities. These credentials are meticulously gathered, sorted, and then sold in underground markets, complete with tools to sift through the data and validate the credentials before sale.
A recent exposé revealed a clandestine website where over 500 Snowflake account credentials were accessible, belonging to employees of major corporations. These credentials were procured using malware designed to steal information, underscoring the need for stringent security measures.
The group behind these orchestrated attacks on Snowflake clients is reportedly based in North America and has ties to collaborators in Turkey, illustrating the global reach and collaborative nature of modern cybercrime networks.
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
